When a computer password is lost or forgotten, whether for hardware or software, it must be reset, requiring the intervention of a system manager or administrator or other so-called “help desk” personnel. Resetting passwords consumes considerable manager/administrator time. Passwords that might be forgotten or lost include personal computer (PC) basic input output system (BIOS) passwords, hard disk drive (HDD) access passwords, operating system passwords such as Windows7 passwords, and application passwords such as the IBM Global Dialer, Lotus Notes or other protected data or applications.
Securely resetting a password is currently undertaken by the help desk after receiving a user help desk call or trouble ticket report of a lost or forgotten password and then generating a random temporary password. The temporary password is sent to the user by e-mail (unless the e-mail password is involved), or voice mail, or the postal service. Thus, much of the password reset process requires the costly attention and time of help desk personnel.
In addition to the above problems, the present invention recognizes particular drawbacks to current password reset methods, including the fact that remote mechanisms for setting passwords may require unique system and user authentication mechanisms that are independent from the password being reset. Moreover, as understood herein current BIOS passwords can only be reset locally from the keyboard after supplying either the password being reset or the corresponding master password for the function. Still further, without a valid Windows access password, a user has no guaranteed mechanism of resetting the Windows password. Simply allowing a user to reset his or her own password by giving the user an administrator's ID/password plainly compromises the integrity of the system. Also, some enterprises maintain a central record of the set of user passwords in an enterprise to facilitate resetting a lost password, but this means that the user cannot modify passwords when disconnected as may be required during travel since the central location might not contain the most recent local password values. With these drawbacks in mind, the present invention has been provided.